>> There is some problem with the current security model. As you know, the code
>> from a shared library is executed with the app's privileges and app labels.
>> This means that the app developer will be *responsible* for actions done by
>> all the libraries which he will use. This leads us to the conclusion that all
>> shared libraries should be quite secure.
>> How would you like to solve this issue? Will libraries have their own
>> manifests? What will they declare there? Will apps additionally get all
>> the permissions of the library? How would you like to test them in the store?
> For the basic system libraries, I suppose we assume that we can trust
> them and that they have been verified not to be malicious. For third-party
> libraries, they would come with 3rd-party packages and would be
> installed into some ac domain (for rpm packages, it is the rpm security
> plugin that would do the labelling of all data from the package, including
> libraries). After this, in order to load the library into your binary, you
> need to have Smack read permission to the library label (set up in the
> previous step). So you can't just arbitrarily load any library that you
> have found on the filesystem; loading will only be possible if your
> process either runs in the same ac domain or has an explicit rule
> allowing read access to the library domain. Here is your basic protection.
> For some advanced cases, we might even consider using the Smack mmap
> attribute, which can further restrict loading of a shared library.
For more security, Smack can be applied to tpk (Tizen native package) and wgt (Tizen web package), like the rpm package you mentioned.
With the privilege declaration, the .so libraries can be labeled and placed in some ac domain.
But if the .so libraries are labeled "_" and located in {app root}/shared/res/ (the common shared directory), does that have many security vulnerable points?
In the case where applications include .so libraries in their own private directories, app developers are also responsible for the actions done by the libraries.
--
Dongeup Ham
Tizen Package Management and Installer
Samsung Electronics
dongeup.ham at samsung.com
_______________________________________________
Dev mailing list
Dev at lists.tizen.org
https://lists.tizen.org/listinfo/dev
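The access decision discussed in this thread, as an added example that is not part of the mailing-list posts, the Tizen installer, or the Smack kernel code: a small Python model of the Smack check that decides whether a process may dlopen() a library, given the library's SMACK64 label (set by the package installer), the explicit rule set, and an optional SMACK64MMAP label. The built-in rules (star, same label, hat, floor) follow the documented Smack semantics; the mmap check is a simplified reading of the kernel's smack_mmap_file logic (local rules are ignored). All labels, paths and rules below (App_A, App_B, App_Priv, Lib_Vendor, Secrets, the library paths) are constructed for illustration, and the `#` comment syntax in the rule text is a convenience of this model rather than a feature of smackload.

```python
# Added example: model of the Smack decision governing dlopen() of a shared
# library. Not code from the Tizen thread or the kernel; labels, rules and
# paths are constructed for illustration.
from dataclasses import dataclass, field
from typing import Dict, Optional, Set, Tuple

Access = Set[str]  # subset of the Smack access letters {"r", "w", "x", "a", "t", "l"}


@dataclass
class SmackRules:
    """Explicit rules keyed by (subject, object), in the 'subject object access'
    line format used by /etc/smack/accesses style rule files."""
    rules: Dict[Tuple[str, str], Access] = field(default_factory=dict)

    @classmethod
    def parse(cls, text: str) -> "SmackRules":
        rs = cls()
        for line in text.splitlines():
            line = line.split("#", 1)[0].strip()  # '#' comments: this model only
            if not line:
                continue
            subject, obj, access = line.split()
            rs.rules[(subject, obj)] = set(access.replace("-", ""))  # '-' means no access
        return rs


def smack_access(rules: SmackRules, subject: str, obj: str, request: str) -> bool:
    """Smack built-in rules first, then the explicit rule set."""
    req = set(request)
    if subject == "*":             # a star subject can access nothing
        return False
    if obj == "*":                 # a star object is accessible by any subject
        return True
    if subject == obj:             # same label: any access
        return True
    if req <= {"r", "x"}:          # read/exec only: hat subject or floor object
        if subject == "^" or obj == "_":
            return True
    return req <= rules.rules.get((subject, obj), set())


def mmap_label_permits(rules: SmackRules, process: str, mmap_label: Optional[str]) -> bool:
    """SMACK64MMAP check (simplified model of smack_mmap_file): for every object the
    process has an explicit rule for, the mmap label must have at least the same
    access, i.e. the process may not be more privileged than the mmap label."""
    if mmap_label is None or mmap_label == process:
        return True
    for (subject, obj), proc_access in rules.rules.items():
        if subject != process or obj == mmap_label:
            continue
        mmap_access = rules.rules.get((mmap_label, obj))
        if mmap_access is None or not proc_access <= mmap_access:
            return False
    return True


@dataclass
class Library:
    path: str
    label: str                        # SMACK64, set by the package installer
    mmap_label: Optional[str] = None  # SMACK64MMAP, optional


def can_dlopen(rules: SmackRules, process: str, lib: Library) -> bool:
    """dlopen() needs read access to the file label, then the mmap-label check."""
    return smack_access(rules, process, lib.label, "r") and \
        mmap_label_permits(rules, process, lib.mmap_label)


# Constructed scenario: three app domains, a trusted system domain, a
# third-party library domain, and a "Secrets" object only App_Priv can reach.
RULES = SmackRules.parse("""
# subject      object       access
App_A          System       rx
App_B          System       rx
App_A          Lib_Vendor   rx      # App_A was granted the vendor library domain
Lib_Vendor     System       rx
App_Priv       System       rx
App_Priv       Lib_Vendor   rx
App_Priv       Secrets      rw      # more access than Lib_Vendor itself has
""")

LIBS = {
    "libc":    Library("/usr/lib/libc.so.6", "System"),
    "vendor":  Library("/opt/usr/lib/libvendor.so", "Lib_Vendor", mmap_label="Lib_Vendor"),
    "shared":  Library("/opt/apps/appA/shared/res/libshared.so", "_"),   # floor label
    "private": Library("/opt/apps/appA/lib/libpriv.so", "App_A"),
}


def report(process: str) -> Dict[str, bool]:
    """Which of the constructed libraries a process with this label may load."""
    return {name: can_dlopen(RULES, process, lib) for name, lib in LIBS.items()}


if __name__ == "__main__":
    for proc in ("App_A", "App_B", "App_Priv"):
        print(proc, report(proc))
```

Running it shows the two points made in the thread: App_B cannot load the vendor library (no rule to Lib_Vendor) or App_A's private library (different label), but every process, App_B included, can load the "_"-labelled library under shared/res, since the floor label is readable by any subject; and the SMACK64MMAP label on the vendor library blocks App_Priv, which holds rw access to Secrets that Lib_Vendor does not have, even though App_Priv has read access to the file itself.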